Alerting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why was an alert deleted by the Splunk system?

AnalCSVD28
New Member
‎09-05-2018 07:44 AM

Hello everyone,

I have a problem with an alert removed without a user's action.

When I join the Splunk logs...

splunk_server = "XXX" index=_audit  host=YourHostName action=alert_deleted

...I do not see deletion events which may have occurred? Is this some action of the system? How can I identify the cause of the deletion of the alert?

Tags (2)
0 Karma
Reply
Get Updates on the Splunk Community!

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Reimagine what you can do with your dashboards. Dashboard Studio is Splunk’s newest dashboard builder to ...

Introducing Edge Processor: Next Gen Data Transformation

We get it - not only can it take a lot of time, money and resources to get data into Splunk, but it also takes ...

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Help us learn about how Splunk has impacted your career by taking the 2021 Splunk Career Survey. Last year’s ...